Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/eb5dce-d286-4825-a41c-b2bd66889c29/1/gCM1y-e2zsjHt9RkX-D5d5aYgX4.roa
File: gCM1y-e2zsjHt9RkX-D5d5aYgX4.roa (raw, json)
Hash identifier: 8JrUBoe68L2ZgIqhKYS2iruFHlqx62TZjL6Y842fJ1s=
Subject key identifier: 80:23:35:CB:E7:B6:CE:C8:C7:B7:D4:64:5F:E0:F9:77:96:98:81:7E
Certificate issuer: /CN=15733ff82be00b41a990ded6b72b04cb7bf580d7
Certificate serial: 018CC9BBEC121DA18E18978C414AFCBBBF34
Authority key identifier: 15:73:3F:F8:2B:E0:0B:41:A9:90:DE:D6:B7:2B:04:CB:7B:F5:80:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FXM_-CvgC0GpkN7WtysEy3v1gNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/eb5dce-d286-4825-a41c-b2bd66889c29/1/gCM1y-e2zsjHt9RkX-D5d5aYgX4.roa
Signing time: Tue 02 Jan 2024 10:33:05 +0000
ROA not before: Tue 02 Jan 2024 10:33:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29246
IP address blocks: 195.68.250.0/23 maxlen: 23
185.89.168.0/22 maxlen: 22
2a00:18a8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/eb5dce-d286-4825-a41c-b2bd66889c29/1/FXM_-CvgC0GpkN7WtysEy3v1gNc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/eb5dce-d286-4825-a41c-b2bd66889c29/1/FXM_-CvgC0GpkN7WtysEy3v1gNc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FXM_-CvgC0GpkN7WtysEy3v1gNc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:ec:12:1d:a1:8e:18:97:8c:41:4a:fc:bb:bf:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15733ff82be00b41a990ded6b72b04cb7bf580d7
Validity
Not Before: Jan 2 10:33:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=802335cbe7b6cec8c7b7d4645fe0f9779698817e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:39:9a:62:62:11:ee:74:6e:c8:d7:a2:43:04:
b9:d2:96:cb:94:ce:ed:42:64:e2:da:2c:e9:98:80:
39:e7:03:29:4a:c7:c4:8a:68:5a:57:af:b3:82:5d:
7d:27:99:f7:cb:a0:f6:8f:af:2d:9f:f4:04:b8:c1:
b3:69:d8:a3:e1:93:d5:fc:d6:c7:d0:cc:5c:74:42:
b8:5b:f7:2e:45:b0:0f:42:60:ee:91:d2:3f:ca:9a:
84:3a:71:ae:cf:4d:6f:0a:6e:74:bf:30:81:1d:08:
e5:9f:96:4a:83:e4:0c:90:1a:36:35:72:ae:1d:00:
03:90:56:d6:a1:27:45:d2:fa:70:f1:27:48:42:da:
39:cc:63:ac:91:3d:a1:8b:30:77:3f:81:f7:08:18:
96:71:c3:63:9c:02:ac:e8:9b:b2:44:b1:4e:33:da:
44:89:1b:02:a3:26:24:f9:3b:59:f7:09:d3:92:76:
6e:59:01:b3:f4:7c:be:bb:c8:28:fd:c6:8c:59:aa:
3b:1c:df:31:7b:19:9f:7b:ed:1c:ea:34:7b:69:1e:
7b:cc:96:d1:6e:ac:2b:cb:90:34:a0:7f:d4:b1:fb:
11:31:1d:ae:c3:96:f2:ad:d4:4e:7b:74:de:ce:98:
ec:40:8b:8c:cf:8b:34:99:f1:c8:0a:d0:0c:12:e6:
64:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:23:35:CB:E7:B6:CE:C8:C7:B7:D4:64:5F:E0:F9:77:96:98:81:7E
X509v3 Authority Key Identifier:
keyid:15:73:3F:F8:2B:E0:0B:41:A9:90:DE:D6:B7:2B:04:CB:7B:F5:80:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FXM_-CvgC0GpkN7WtysEy3v1gNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/eb5dce-d286-4825-a41c-b2bd66889c29/1/gCM1y-e2zsjHt9RkX-D5d5aYgX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/eb5dce-d286-4825-a41c-b2bd66889c29/1/FXM_-CvgC0GpkN7WtysEy3v1gNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.168.0/22
195.68.250.0/23
IPv6:
2a00:18a8::/32
Signature Algorithm: sha256WithRSAEncryption
6d:18:01:a7:60:ae:f3:87:0e:7c:a5:bb:6a:4b:2a:36:5e:0b:
97:a5:b5:62:18:cd:00:65:7e:bc:d6:da:f8:f1:20:3b:de:87:
92:43:41:b7:3d:cf:fa:cf:cd:25:0a:5e:c4:fc:e2:a3:18:ef:
bd:69:e8:7c:32:3d:98:7c:55:99:19:5d:8a:36:d9:ac:14:56:
d2:0b:22:16:bb:1d:53:52:92:6a:16:30:d5:9f:34:ce:46:ae:
78:a8:17:72:a6:e0:94:03:81:6c:49:62:9e:12:b3:50:4a:a2:
d4:1f:35:27:a9:3d:60:89:51:4f:90:18:a9:44:a7:d4:a0:50:
26:84:0b:ed:80:25:08:d3:f6:25:4f:c2:dd:9b:93:8f:2d:6f:
25:42:da:f1:e9:9a:b7:b6:b8:f3:c2:6f:4a:52:95:fa:6c:25:
81:ed:1a:de:f3:cc:24:a1:d4:1f:8b:c0:ec:d4:06:b1:b5:9c:
8a:c0:64:55:78:aa:00:ad:3c:59:89:91:e4:f1:29:71:fa:1a:
76:c0:a0:f2:bc:54:1e:52:87:8f:a7:56:3c:25:58:bf:a5:2d:
e5:50:18:29:73:e9:78:62:dd:51:d5:83:3b:62:16:14:55:30:
75:10:8f:a0:0a:75:27:62:c8:7c:e0:e8:fe:43:15:97:52:6d:
19:25:85:04
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJu+wSHaGOGJeMQUr8u780MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NzMzZmY4MmJlMDBiNDFhOTkwZGVkNmI3MmIwNGNiN2Jm
NTgwZDcwHhcNMjQwMTAyMTAzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDIzMzVjYmU3YjZjZWM4YzdiN2Q0NjQ1ZmUwZjk3Nzk2OTg4MTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTmaYmIR7nRuyNeiQwS50pbLlM7t
QmTi2izpmIA55wMpSsfEimhaV6+zgl19J5n3y6D2j68tn/QEuMGzadij4ZPV/NbH
0MxcdEK4W/cuRbAPQmDukdI/ypqEOnGuz01vCm50vzCBHQjln5ZKg+QMkBo2NXKu
HQADkFbWoSdF0vpw8SdIQto5zGOskT2hizB3P4H3CBiWccNjnAKs6JuyRLFOM9pE
iRsCoyYk+TtZ9wnTknZuWQGz9Hy+u8go/caMWao7HN8xexmfe+0c6jR7aR57zJbR
bqwry5A0oH/UsfsRMR2uw5byrdROe3TezpjsQIuMz4s0mfHICtAMEuZkJwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIAjNcvnts7Ix7fUZF/g+XeWmIF+MB8GA1UdIwQY
MBaAFBVzP/gr4AtBqZDe1rcrBMt79YDXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlhNXy1DdmdDMEdwa043V3R5c0V5M3YxZ05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lYjVkY2UtZDI4Ni00ODI1LWE0MWMt
YjJiZDY2ODg5YzI5LzEvZ0NNMXktZTJ6c2pIdDlSa1gtRDVkNWFZZ1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lYjVkY2UtZDI4Ni00ODI1LWE0MWMtYjJiZDY2ODg5YzI5
LzEvRlhNXy1DdmdDMEdwa043V3R5c0V5M3YxZ05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVmoAwQB
w0T6MA0EAgACMAcDBQAqABioMA0GCSqGSIb3DQEBCwUAA4IBAQBtGAGnYK7zhw58
pbtqSyo2XguXpbViGM0AZX681tr48SA73oeSQ0G3Pc/6z80lCl7E/OKjGO+9aeh8
Mj2YfFWZGV2KNtmsFFbSCyIWux1TUpJqFjDVnzTORq54qBdypuCUA4FsSWKeErNQ
SqLUHzUnqT1giVFPkBipRKfUoFAmhAvtgCUI0/YlT8Ldm5OPLW8lQtrx6Zq3trjz
wm9KUpX6bCWB7Rre88wkodQfi8Ds1AaxtZyKwGRVeKoArTxZiZHk8Slx+hp2wKDy
vFQeUoePp1Y8JVi/pS3lUBgpc+l4Yt1R1YM7YhYUVTB1EI+gCnUnYsh84Oj+QxWX
Um0ZJYUE
-----END CERTIFICATE-----
Generated at Mon May 27 08:14:03 2024 by rpki-client on console-ams.rpki-client.org